[Full-Disclosure] ./makeunicode2.py release announcement

From: 0 0 (daveaitel@hotmail.com)
Date: 02/26/03

  • Next message: John.Airey@rnib.org.uk: "RE: [Full-Disclosure] FW: Citibank tries to gag crypto bug disclo sure"
    From: "0 0" <daveaitel@hotmail.com>
    To: full-disclosure@lists.netsys.com
    Date: Wed, 26 Feb 2003 15:54:46 +0000

    Immunity, Inc. is pleased to announce the availability of
    makeunicode2.py - a Python program that will encode arbitrary x86
    shellcode into a valid unicode string. This program is available from
    the BlackHat web site at
    (currently Immunity, Inc.'s website's DSL line is undergoing "repairs",
    and is unavailable until March 12th. Getting reliable business DSL
    service in NYC is like trying to get DSL service to the moon).

    Although encoding shellcode into a valid Unicode string may seem
    obscure, it allows the exploitation of a large segment of buffer
    overflow attacks, especially on Windows systems, previously thought to
    be "prohibitively difficult."

    makeunicode2.py was originally part of CANVAS, Immunity Inc's
    exploitation demonstration product, but is now released under the Gnu
    Public License (v2.0).

    Dave Aitel
    Marketing and Public Relations Director
    Immunity, Inc.
    (Links will be available again after March 12th, 2003, if Verizon is to
    be believed.)

    MSN 8 with e-mail virus protection service: 2 months FREE*

    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html